diff --git a/machines/configuration.nix b/machines/configuration.nix
index 0fae148..7e74d56 100644
--- a/machines/configuration.nix
+++ b/machines/configuration.nix
@@ -93,6 +93,8 @@ let
       };
     }
   ] ++ defaultModules ++ modules;
+
+  inputsMod = inputs // { malobeo = self; };
 in
 {
   louise = nixosSystem {
@@ -115,7 +117,7 @@ in
 
   fanny = nixosSystem {
     system = "x86_64-linux";
-    specialArgs.inputs = inputs;
+    specialArgs.inputs = inputsMod;
     modules = defaultModules ++ [
       self.nixosModules.malobeo.vpn
       ./fanny/configuration.nix
@@ -141,6 +143,16 @@ in
     ];
   };
 
+  infradocs = nixosSystem {
+    system = "x86_64-linux";
+    specialArgs.inputs = inputs;
+    specialArgs.self = self;
+    modules = makeMicroVM "infradocs" "10.0.0.11" "D0:E5:CA:F0:D7:E7" [
+      self.nixosModules.malobeo.vpn
+      ./infradocs/configuration.nix
+    ];
+  };
+
   lucia = nixosSystem {
     system = "aarch64-linux";
     specialArgs.inputs = inputs;
diff --git a/machines/durruti/host_config.nix b/machines/durruti/host_config.nix
index 1a00761..cc4cf43 100644
--- a/machines/durruti/host_config.nix
+++ b/machines/durruti/host_config.nix
@@ -36,7 +36,7 @@ in
     services.nginx.virtualHosts."docs.malobeo.org" = {
       forceSSL = true;
       enableACME= true;
-      locations."/".proxyPass = "http://${cfg.host_ip}:9000";
+      locations."/".proxyPass = "http://10.0.0.10";
     };
 
     services.nginx.virtualHosts."tasklist.malobeo.org" = {
diff --git a/machines/fanny/configuration.nix b/machines/fanny/configuration.nix
index fa86933..211a8a2 100644
--- a/machines/fanny/configuration.nix
+++ b/machines/fanny/configuration.nix
@@ -15,6 +15,7 @@ in
       ../modules/autoupdate.nix
       inputs.self.nixosModules.malobeo.initssh
       inputs.self.nixosModules.malobeo.disko
+      inputs.self.nixosModules.malobeo.microvm
     ];
 
   malobeo.autoUpdate = {
@@ -51,6 +52,14 @@ in
     privateKeyFile = config.sops.secrets.wg_private.path;
   };
 
+  services.malobeo.microvm.enableHostBridge = true;
+  services.malobeo.microvm.deployHosts = [ "infradocs" ];
+
+
+  services.nginx.virtualHosts."docs.malobeo.org" = {
+    locations."/".proxyPass = "http://10.0.0.11:9000";
+  };
+
   services.tor = {
     enable = true;
     client.enable = true;
diff --git a/machines/infradocs/configuration.nix b/machines/infradocs/configuration.nix
new file mode 100644
index 0000000..0d775bb
--- /dev/null
+++ b/machines/infradocs/configuration.nix
@@ -0,0 +1,20 @@
+{ config, lib, pkgs, inputs, ... }:
+
+with lib;
+
+{
+  networking = {
+    hostName = mkDefault "infradocs";
+    useDHCP = false;
+    nameservers = [ "1.1.1.1" ];
+  };
+
+  imports = [
+    ../durruti/documentation.nix
+    ../modules/malobeo_user.nix
+    ../modules/sshd.nix
+  ];
+
+  system.stateVersion = "22.11"; # Did you read the comment?
+}
+
diff --git a/machines/vpn/configuration.nix b/machines/vpn/configuration.nix
index 57e6341..d10f80f 100644
--- a/machines/vpn/configuration.nix
+++ b/machines/vpn/configuration.nix
@@ -27,6 +27,10 @@ with lib;
     privateKeyFile = config.sops.secrets.wg_private.path;
   };
 
+  services.nginx.virtualHosts."docs.malobeo.org" = {
+    locations."/".proxyPass = "http://10.100.0.101";
+  };
+
   system.stateVersion = "22.11"; # Did you read the comment?
 }